nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

MADONNA: Browser-Based MAlicious Domain Detection Through Optimized Neural Network with Feature Analysis

verfasst von : Janaka Senanayake, Sampath Rajapaksha, Naoto Yanai, Chika Komiya, Harsha Kalutarage

Erschienen in: ICT Systems Security and Privacy Protection

Verlag: Springer Nature Switzerland

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The detection of malicious domains often relies on machine learning (ML), and proposals for browser-based detection of malicious domains with high throughput have been put forward in recent years. However, existing methods suffer from limited accuracy. In this paper, we present MADONNA, a novel browser-based detector for malicious domains that surpasses the current state-of-the-art in both accuracy and throughput. Our technical contributions include optimized feature selection through correlation analysis, and the incorporation of various model optimization techniques like pruning and quantization, to enhance MADONNA’s throughput while maintaining accuracy. We conducted extensive experiments and found that our optimized architecture, the Shallow Neural Network (SNN), achieved higher accuracy than standard architectures. Furthermore, we developed and evaluated MADONNA’s Google Chrome extension, which outperformed existing methods in terms of accuracy and F1-score by six points (achieving 0.94) and four points (achieving 0.92), respectively, while maintaining a higher throughput improvement of 0.87 s. Our evaluation demonstrates that MADONNA is capable of precisely detecting malicious domains, even in real-world deployments.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Enhancing the ACME Protocol to Automate the Management of All X.509 Web Certificates

Nächstes Kapitel Cyber Key Terrain Identification Using Adjusted PageRank Centrality

https://github.com/softwaresec-labs/MADONNA.

https://pyscript.net/.

Abdelnabi, S., Krombholz, K., Fritz, M.: VisualPhishNet: zero-day phishing website detection by visual similarity. In: Proceedings of CCS 2020, pp. 1681–1698. ACM (2020)

Alhogail, A.A., Al-Turaiki, I.: Improved detection of malicious domain names using gradient boosted machines and feature engineering. Inf. Technol. Control 51(2), 313–331 (2022)CrossRef

Ariyadasa, S., Fernando, S., Fernando, S.: Combining long-term recurrent convolutional and graph convolutional networks to detect phishing sites using URL and HTML. IEEE Access 10, 82355–82375 (2022). https://doi.org/10.1109/ACCESS.2022.3196018CrossRef

Berman, D.S.: DGA CapsNet: 1D application of capsule networks to DGA detection. Information 10(5), 157 (2019)CrossRef

Chien, C.J., Yanai, N., Okamura, S.: Design of malicious domain detection dataset for network security (2021). http://www-infosec.ist.osaka-u.ac.jp/~yanai/dataset.pdf

Mohith Gowda, H.R., Adithya, M.V., Gunesh Prasad, S., Vinay, S.: Development of anti-phishing browser based on random forest and rule of extraction framework. Cybersecurity 3(1), 1–20 (2020)

Huang, Y., Qiao, X., Dustdar, S., Li, Y.: AoDNN: an auto-offloading approach to optimize deep inference for fostering mobile web. In: Proceedings of INFOCOM 2022, pp. 2198–2207 (2022)

Idelbayev, Y., Carreira-Perpinan, M.A.: An empirical comparison of quantization, pruning and low-rank neural network compression using the LC toolkit. In: 2021 International Joint Conference on Neural Networks (IJCNN), pp. 1–8 (2021). https://doi.org/10.1109/IJCNN52387.2021.9533730

Iwahana, K., et al.: MADMAX: browser-based malicious domain detection through extreme learning machine. IEEE Access 9, 78293–78314 (2021)CrossRef

10.

Li, T., Kou, G., Peng, Y.: Improving malicious URLs detection via feature engineering: Linear and nonlinear space transformation methods. Inf. Syst. 91, 101494 (2020)CrossRef

11.

Morell, J.A., Camero, A., Alba, E.: JSDoop and TensorFlow.js: volunteer distributed web browser-based neural network training. IEEE Access 7, 158671–158684 (2019)CrossRef

12.

Palaniappan, G., Sangeetha, S., Rajendran, B., Sanjay, Goyal, S., Bindhumadhava, B.S.: Malicious domain detection using machine learning on domain name features, host-based features and web-based features. Procedia Comput. Sci. 171, 654–661 (2020)

13.

Rajapaksha, S., Kalutarage, H., Al-Kadri, M.O., Petrovski, A., Madzudzo, G., Cheah, M.: AI-based intrusion detection systems for in-vehicle networks: a survey. ACM Comput. Surv. 55(11), 1–40 (2023). https://doi.org/10.1145/3570954CrossRef

14.

Rupa, C., Srivastava, G., Bhattacharya, S., Reddy, P., Gadekallu, T.R.: A machine learning driven threat intelligence system for malicious URL detection. In: Proceedings of ARES 2021, pp. 1–7. ACM (2021)

15.

Saleem Raja, A., Vinodini, R., Kavitha, A.: Lexical features based malicious URL detection using machine learning techniques. Mater. Today Proc. 47, 163–166 (2021)CrossRef

16.

Senanayake, J., Kalutarage, H., Al-Kadri, M.O.: Android mobile malware detection using machine learning: a systematic review. Electronics 10(13), 1606 (2021). https://doi.org/10.3390/electronics10131606. https://www.mdpi.com/2079-9292/10/13/1606

17.

Senanayake, J., Kalutarage, H., Al-Kadri, M.O., Petrovski, A., Piras, L.: Android source code vulnerability detection: a systematic literature review. ACM Comput. Surv. 55(9), 1–37 (2023). https://doi.org/10.1145/3556974CrossRef

18.

Shabudin, S., Sani, N.S., Ariffin, K.A.Z., Aliff, M.: Feature selection for phishing website classification. Int. J. Adv. Comput. Sci. Appl. 11(4), 587–595 (2020)

19.

Shi, Y., Chen, G., Li, J.: Malicious domain name detection based on extreme machine learning. Neural Process. Lett. 48(3), 1347–1357 (2018)CrossRef

20.

Smilkov, D., et al.: TensorFlow.js: machine learning for the web and beyond (2019). https://doi.org/10.48550/ARXIV.1901.05350. https://arxiv.org/abs/1901.05350

21.

Sun, X., Tong, M., Yang, J., Xinran, L., Heng, L.: HinDom: a robust malicious domain detection system based on heterogeneous information network with transductive classification. In: Proceedings of RAID 2019, pp. 399–412. USENIX Association (2019)

22.

Sun, X., Yang, J., Wang, Z., Liu, H.: HGDom: heterogeneous graph convolutional networks for malicious domain detection. In: Proceedings of NOMS 2020, pp. 1–9. IEEE (2020)

23.

Tang, L., Mahmoud, Q.H.: A survey of machine learning-based solutions for phishing website detection. Mach. Learn. Knowl. Extr. 3(3), 672–694 (2021)CrossRef

24.

Vadera, S., Ameen, S.: Methods for pruning deep neural networks. IEEE Access 10, 63280–63300 (2022). https://doi.org/10.1109/ACCESS.2022.3182659CrossRef

25.

Vinayakumar, R., Soman, K., Poornachandran, P.: Detecting malicious domain names using deep learning approaches at scale. J. Intell. Fuzzy Syst. 34(3), 1355–1367 (2018)CrossRef

26.

Yahya, F., et al.: Detection of phising websites using machine learning approaches. In: Proceedings of ICoDSA 2021, pp. 40–47. IEEE (2021)

27.

Yang, L., Liu, G., Dai, Y., Wang, J., Zhai, J.: Detecting stealthy domain generation algorithms using heterogeneous deep neural network framework. IEEE Access 8, 82876–82889 (2020)CrossRef

28.

Yu, B., Pan, J., Hu, J., Nascimento, A., De Cock, M.: Character level based detection of DGA domain names. In: Proceedings of IJCNN 2018, pp. 1–8. IEEE (2018)

29.

Yu, T., Zhauniarovich, Y., Khalil, I., Dacier, M.: A survey on malicious domains detection through DNS data analysis. ACM Comput. Surv. 51(4), 1–36 (2018)

30.

Zabihimayvan, M., Doran, D.: Fuzzy rough set feature selection to enhance phishing attack detection. In: Proceedings of FUZZ-IEEE 2019, pp. 1–6. IEEE (2019). https://doi.org/10.1109/FUZZ-IEEE.2019.8858884

31.

Zamir, A., et al.: Phishing web site detection using diverse machine learning algorithms. Electron. Libr. 38(1), 65–80 (2020)CrossRef

Titel: MADONNA: Browser-Based MAlicious Domain Detection Through Optimized Neural Network with Feature Analysis
verfasst von: Janaka Senanayake
Sampath Rajapaksha
Naoto Yanai
Chika Komiya
Harsha Kalutarage
Verlag: Springer Nature Switzerland
Buch: ICT Systems Security and Privacy Protection
Print ISBN: 978-3-031-56325-6

Electronic ISBN: 978-3-031-56326-3

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-3-031-56326-3_20

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner